Last month, Microsoft announced Windows 365; a new Cloud service aiming to deliver a full PC experience that can be streamed from any device, anywhere, any time. The release has caught many off guard, with the service already launching into General Availability at the start of this month. It’s a promising proposition and will hopefully provide flexibility to both organisations and users at a scale that was impossible for most before. But what can we expect from the latest flagship offering?
Well firstly, we now have a simple mechanism of providing a consistent and persistent virtual desktop experience to our users, which helps to truly realise the aims of hybrid working. In short, we can provide a full Windows experience to our users across any device they want to use and for most, this will be the first time we can truly allow them access to everything. This includes internal company resources and applications by enforcing the correct security and compliance policies.
For administrators, we’re again reducing the management overhead and complexity of providing a virtual desktop experience. There were huge gains to be had in this space when switching from traditional on-premises VDI platforms to Azure (Windows) Virtual Desktop, but Windows 365 takes this even further with greater support for Endpoint Manager than we’ve (easily) had before.
Starting with the most basic of basics, terminology – exactly what is this we’re talking about? Well, Microsoft are using the term ‘Cloud PC’; a new type of virtual machine created for our end users when they’re assigned a suitable Windows 365 licence. This Cloud PC is specific to the user, so there is no sharing of the resource like we had with multi-session VMs in Azure Virtual Desktop, and no underlying capacity or load balancing to manage underneath; it’s a specific PC for a specific user that we can expect to evolve and change over time, just as a physical device would.
Pricing is where we see more change from traditional models of the past. Whilst Azure Virtual Desktop allowed us a few options (such as reserving our resources and fixing the cost or spinning down or reducing capacity during quiet hours and being flexible), these usually required some upfront guesswork or long-term reviews to get right. Windows 365 is committed to offering us a simple fixed cost, rather than a moving target.
Even at launch there are a range of specifications available – and these, of course, will come with varying levels of cost – but knowing that each is a fixed cost will be a huge win for many. To simplify how this is managed, we assign a Windows 365 license in the exact same way we would any other Microsoft 365 bundle or service – straight from the user portal of Azure AD or M365. That’s it!
Windows 365 is launching with bespoke administrator roles that will allow us to continue to follow best practice of least-privileged access, which is not often something we often see when a service first launches. Within the service itself, we will often want to start with something of a baseline and we have the option of using readymade marketplace images alongside the ability to upload our own.
Of course, the flexibility we can then offer our users to make changes within the Cloud PC itself will be up to us, just as it would do on any other Endpoint Manager-controlled device. This means we can restrict or encourage customisation of the virtual machine, from personalising the desktop background all the way to installing new applications just as a user may already on a physical PC.
As we’ve alluded to already, users may want to access this service from any device, and that’s absolutely something we can safely encourage. Microsoft have built the service following the well-known Zero Trust model and, of course, fully supporting Conditional Access policies. If we don’t want to offer the initial flexibility of launching the service from unknown devices this can easily be achieved, but most will use this support to enforce standard policies like Multi-Factor Authentication (MFA).
Once logged in, users can launch into the service using familiar capability from Azure Virtual Desktop; both web and client experiences are available, depending on preference. They’ll be able to pick up exactly where they last left the VM, so moving between devices will be an absolute breeze with speed the name of the game. Initially, we see client support for Windows, MacOS, iOS and Android, but these will be joined in the supported list by Linux very soon.
We’ve mentioned support for Endpoint Manager already and it’s a huge influence in how we manage a Cloud PC throughout its lifecycle. We have dedicated configuration to set networking, such as how we want our new virtual machine to interact with an existing on-premises network or even its relationship status to Active Directory, with full support for hybrid join too.
Once our new Cloud PCs are running, we manage them just as we would a physical device, straight from Endpoint Manager and the deprovisioning process is just as easy – remove the users license and the VM will promptly be shut down and removed after a short grace period.
In short, Windows 365 is absolutely one to watch, offering functionality which will make a huge difference to those who will be continuing to work remotely or move to hybrid working.
Want to find out more about this exciting new technology? Transparity are holding a brand-new event virtual event as an introduction to Windows 365 on 9th September; just click here to register!